Deny ALL connections with CSF

In this article, we show how to temporarily block access to a server using CSF. CSF (ConfigServer Security & Firewall) is a powerful firewall for Linux systems.

First, whitelist your own IP so that the block does not lock you out of the server. Use:

csf -a yourIP
root@www [/]# csf -a 192.168.11.11
Adding 192.168.11.11 to csf.allow and iptables ACCEPT...
root@www [/]#

To deny all inbound connections to all server services, use:

csf -td 0.0.0.0/0 30 -d in "block all inbound connections for 30 seconds"

To deny all inbound connections to port 80 (Apache server), use:

csf -td 0.0.0.0/0 30 -p 80 -d in "block all inbound connections to port 80 for 30 seconds"
root@www [/]# csf -td 0.0.0.0/0 30 -p 80 -d in "block all inbound connections to port 80 for 30 seconds"
csf: 0.0.0.0/0 blocked on port 80 for 30 seconds inbound

To check the status of the temporarily blocked IP(s), including the time remaining, use:

csf -t
root@www [/]# csf -t
DENY  0.0.0.0/0                                 80    in    24s              block all inbound connections for 30 seconds

To remove the temporary block on the IP(s) ahead of time, use:

csf -tr 0.0.0.0/0
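
The steps above can be wrapped in a guard that refuses to apply the block unless your IP is already listed in csf.allow. This is an added example, not part of the original article or of CSF itself. The function names and the CSF_BIN and CSF_ALLOW variables are assumptions, /etc/csf/csf.allow is the usual allow-file location, and only exact IP entries (not CIDR ranges or advanced rules) are matched.

```shell
#!/bin/sh
# Added example: lockout guard around the article's "csf -td 0.0.0.0/0" command.
# CSF_BIN and CSF_ALLOW are assumed names; override them to test with a stub.
CSF_BIN="${CSF_BIN:-csf}"
CSF_ALLOW="${CSF_ALLOW:-/etc/csf/csf.allow}"

# Return 0 if the exact IP is the first field of a non-comment line in csf.allow.
ip_is_allowed() {
    ip="$1"
    [ -r "$CSF_ALLOW" ] || return 1
    awk -v ip="$ip" '
        /^[ \t]*#/ { next }        # skip comment lines
        $1 == ip   { found = 1 }   # "IP # comment" lines written by csf -a
        END        { exit !found }
    ' "$CSF_ALLOW"
}

# Usage: block_all_inbound ADMIN_IP SECONDS [PORT]
# Applies the temporary inbound deny only after confirming ADMIN_IP is allowed.
block_all_inbound() {
    admin_ip="$1"; ttl="$2"; port="${3:-}"
    case "$ttl" in
        ''|*[!0-9]*)
            echo "TTL must be a whole number of seconds" >&2
            return 2 ;;
    esac
    if ! ip_is_allowed "$admin_ip"; then
        echo "refusing: $admin_ip is not in $CSF_ALLOW (run: csf -a $admin_ip)" >&2
        return 1
    fi
    if [ -n "$port" ]; then
        "$CSF_BIN" -td 0.0.0.0/0 "$ttl" -p "$port" -d in \
            "block all inbound connections to port $port for $ttl seconds"
    else
        "$CSF_BIN" -td 0.0.0.0/0 "$ttl" -d in \
            "block all inbound connections for $ttl seconds"
    fi
}

# Example call (constructed values): block_all_inbound 192.168.11.11 30 80
```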

Resources:
https://configserver.com/cp/csf.html
